table of Contents
1Rest
2 Operation Index
put get delete
3 query
Basic query (match, match_all, term)
Result filtering (_source filtering, specifying includes and excludes, fuzzy, filter)
Advanced query (bool range)
Sorting (order: divided into single field and multiple fields)
4 aggregation (aggregations: divided into buckets and metrics)
1Rest
REST stands for Representational State Transfer. The direct translation means "transformation of the state of the presentation layer".
It is an API design concept for Internet applications: URL locates resources and uses HTTP verbs (GET, POST, DELETE, DETC) to describe operations.
Reference link: https://www.jianshu.com/p/73d2415956bd
2. Operation Index
2.1. Basic concepts
Elasticsearch is also a full-text search library based on Lucene. The essence is to store data. Many concepts are similar to MySQL.
Comparison relationship:
Index (indices)--------------------------------Databases database
Type (type)-----------------------------Table data table
Document (Document) ---------------- Row
Field (Field) -------------------Columns
2.2. Create an index
2.2.1. Syntax
Elasticsearch uses Rest style API, so its API is an http request, you can use any tool to initiate an http request
Request format for index creation:
Request method: PUT
Request path:/index library name
Request parameters: json format:
{
"settings": {
"number_of_shards": 3,
"number_of_replicas": 2
}
}
settings: the settings of the index library
number_of_shards: number of shards
number_of_replicas: number of replicas
2.3. View index settings
grammar
Get request can help us view index information, format:
2.4. Delete index
Delete index using DELETE request
grammar
DELETE/index library name
2.5. Mapping configuration
The index is there, and the next step is definitely to add data. However, the mapping must be defined before adding data.
What is mapping?
Mapping is the process of defining a document, which fields the document contains, whether these fields are saved, whether they are indexed, whether they are segmented, etc.
Only when the configuration is clear, Elasticsearch will help us create the index library (not necessarily)
2.5.1. Create a mapping field
grammar
The request method is still PUT
PUT /index library name/_mapping/type name
{
"properties": {
"Field Name": {
"type": "类型",
"index": true,
"store": true,
"analyzer": "分词器"
}
}
}
Type name: It is the concept of type mentioned earlier, similar to the field names of different tables in the database: fill in any, you can specify many attributes, for example:
type: type, can be text, long, short, date, integer, object, etc.
index: whether to index, the default is true
store: whether to store or not, the default is false
analyzer: tokenizer, where ik_max_word uses ik tokenizer
Example
Initiate a request:
PUT heima/_mapping/goods
{
"properties": {
"title": {
"type": "text",
"analyzer": "ik_max_word"
},
"images": {
"type": "keyword",
"index": "false"
},
"price": {
"type": "float"
}
}
}
Response result:
{
"acknowledged": true
}
3. Query
Let's look at the 4 blocks:
Basic query
Results filtering
Advanced Search
Sort
3.1. Basic query:
Basic grammar
GET /index library name/_search
{
"query":{
"Query Type":{
"Query Condition": "Query Condition Value"
}
}
}
The query here represents a query object, which can have different query attributes
Query type:
For example: match_all, match, term, range, etc.
Query conditions: The query conditions will be different according to the type, and the writing method will also be different, which will be explained in detail later
3.1.1 Query all (match_all)
Example:
GET /heima/_search
{
"query":{
"match_all": {}
}
}
3.1.2 Match
3.1.3 Multi-field query (multi_match)
3.1.4 Term matching (term)
The term query is used for exact value matching. These exact values may be numbers, times, Booleans, or strings that are not segmented
3.1.5 Exact Matching of Multiple Terms (terms)
The terms query is the same as the term query, but it allows you to specify multiple values for matching. If this field contains any of the specified values, then the document meets the conditions:
3.2. Results filtering
By default, elasticsearch will return all the fields saved in _source in the document in the search results.
If we only want to get some of the fields, we can add the filter of _source
3.2.1. Directly specify the field
Example:
GET /heima/_search
{
"_source": ["title","price"],
"query": {
"term": {
"price": 2699
}
}
}
3.2.2. Specify includes and excludes
We can also pass:
includes: to specify the fields you want to display
excludes: to specify the fields that do not want to be displayed
3.3 Advanced query
3.3.1 Boolean combination (bool)
bool combines various other queries through must (and), must_not (not), should (or)
3.3.2 Range query (range)
range query to find those numbers or times that fall within the specified range
GET /heima/_search
{
"query":{
"range": {
"price": {
"gte": 1000.0,
"lt": 2800.00
}
}
}
}
The range query allows the following characters:
Operator description
gt is greater than
gte is greater than or equal to
lt is less than
lte is less than or equal to
3.3.3 Fuzzy query (fuzzy)
Fuzzy query is the fuzzy equivalent of term query. It allows users to search for entries and the spelling of the actual entries deviate, but the edit distance of the deviation must not exceed 2:
3.4 filter
Filter in conditional query
All queries will affect the score and ranking of the document. If we need to filter in the query results, and do not want the filter conditions to affect the score, then do not use the filter conditions as query conditions. Instead, use the filter method:
3.5 Sort
3.4.1 Single field sort
sort allows us to sort according to different fields, and specify the sorting method by order
GET /heima/_search
{
"query": {
"match": {
"title": "小米手机"
}
},
"sort": [
{
"price": {
"order": "desc"
}
}
]
}
3.4.2 Multi-field sorting
Suppose we want to use price and _score (score) together for query, and the matching results are first sorted by price, and then sorted by relevance score:
4. Aggregation
Aggregation allows us to realize the statistics and analysis of data extremely conveniently. E.g:
What brand of mobile phone is the most popular?
The average price, highest price, and lowest price of these phones?
How about the monthly sales of these phones?
The realization of these statistical functions is much more convenient than the sql of the database, and the query speed is very fast, which can realize the real-time search effect
Aggregation in Elasticsearch includes many types, two of the most commonly used, one is called bucket and the other is called metric:
Bucket
The role of buckets is to group data in a certain way. Each group of data is called a bucket in ES. For example, we divide people according to nationality, and we can get Chinese buckets, British buckets, Japanese buckets... or we can classify them by age. Segments divide people: 010, 1020, 2030, 3040, etc.
Metrics
After the grouping is completed, we generally perform aggregation operations on the data in the group, such as average, maximum, minimum, sum, etc. These are called metrics in ES
4.2 Aggregate into buckets
First, we divide the buckets according to the color of the car
GET /cars/_search
{
"size" : 0,
"aggs" : {
"popular_colors" : {
"terms" : {
"field" : "color"
}
}
}
}
size: The number of queries, set to 0 here, because we don’t care about the searched data, only the aggregation results, which improves efficiency
aggs: declares that this is an aggregation query, short for aggregations
popular_colors: Give this aggregation a name, any.
terms: the way to divide buckets, here is based on terms
field: the field that divides the bucket